org.jsslutils.sslcontext
Class X509SSLContextFactory

java.lang.Object
  extended by org.jsslutils.sslcontext.DefaultSSLContextFactory
      extended by org.jsslutils.sslcontext.X509SSLContextFactory
All Implemented Interfaces:
SSLContextFactory
Direct Known Subclasses:
PKIXSSLContextFactory

public class X509SSLContextFactory
extends DefaultSSLContextFactory

This class is a factory that provides methods for creating an SSLContext configured with the settings of this factory, using the SunX509 algorithm for both the key manager and the trust manager. These managers are created from the KeyStores passed to the constructor. Unlike the PKIX implementation (PKIXSSLContextFactory), this implementation does not support CRLs.

Author:
Bruno Harbulot

Nested Class Summary
 
Nested classes/interfaces inherited from interface org.jsslutils.sslcontext.SSLContextFactory
SSLContextFactory.SSLContextFactoryException
 
Field Summary
static String KEY_PASSWORD_PROP
static String KEYSTORE_FILE_PROP
static String KEYSTORE_PASSWORD_PROP
static String KEYSTORE_PROVIDER_ARGFILE_PROP
static String KEYSTORE_PROVIDER_ARGTEXT_PROP
static String KEYSTORE_PROVIDER_CLASS_PROP
static String KEYSTORE_PROVIDER_PROP
static String KEYSTORE_TYPE_PROP
static String TRUSTSTORE_FILE_PROP
static String TRUSTSTORE_PASSWORD_PROP
static String TRUSTSTORE_PROVIDER_ARGFILE_PROP
static String TRUSTSTORE_PROVIDER_ARGTEXT_PROP
static String TRUSTSTORE_PROVIDER_CLASS_PROP
static String TRUSTSTORE_PROVIDER_PROP
static String TRUSTSTORE_TYPE_PROP
 
Fields inherited from class org.jsslutils.sslcontext.DefaultSSLContextFactory
CONTEXT_PROTOCOL_NAME_PROP, CONTEXT_PROVIDER_NAME_PROP, SECURERANDOM_ALGORITHM_PROP, SECURERANDOM_PROVIDER_NAME_PROP
 
Constructor Summary
X509SSLContextFactory()
          Builds an SSLContextFactory using the SunX509 algorithm in the TrustManagerFactory.
X509SSLContextFactory(KeyStore keyStore, char[] keyPassword, KeyStore trustStore)
          Builds an SSLContextFactory using the SunX509 algorithm in the TrustManagerFactory.
X509SSLContextFactory(KeyStore keyStore, String keyPassword, KeyStore trustStore)
          Builds an SSLContextFactory using the SunX509 algorithm in the TrustManagerFactory.
 
Method Summary
 void configure(Properties properties)
          Configures this factory based on values in the properties.
 KeyManager[] getKeyManagers()
          Gets the key managers.
protected  KeyStore getKeyStore()
          Returns the key store.
protected  KeyManager[] getRawKeyManagers()
          Builds KeyManagers from the key store provided in the constructor, using a SunX509 KeyManagerFactory.
protected  TrustManager[] getRawTrustManagers()
          Builds TrustManagers from the trust store provided in the constructor, using a SunX509 TrustManagerFactory.
 TrustManager[] getTrustManagers()
          Gets the trust managers.
protected  KeyStore getTrustStore()
          Returns the trust store.
 void setKeyManagerWrapper(X509KeyManagerWrapper keyManagerWrapper)
          Sets the key manager wrapper.
 void setKeyPassword(char[] keyPassword)
          Sets the key password.
 void setKeyPasswordCallbackHandler(CallbackHandler keyPasswordCallbackHandler)
          Sets the CallbackHandler that will be used to obtain the key password if this password is still null.
 void setKeyStore(KeyStore keyStore)
          Sets the key store.
 void setKeyStorePasswordCallbackHandler(CallbackHandler keyStorePasswordCallbackHandler)
          Sets the CallbackHandler that will be used to obtain the key store password if this password is still null.
 void setTrustManagerWrapper(X509TrustManagerWrapper trustManagerWrapper)
          Sets the trust manager wrapper.
 void setTrustStore(KeyStore trustStore)
          Sets the trust store.
 void setTrustStorePasswordCallbackHandler(CallbackHandler trustStorePasswordCallbackHandler)
          Sets the CallbackHandler that will be used to obtain the trust store password if this password is still null.
 
Methods inherited from class org.jsslutils.sslcontext.DefaultSSLContextFactory
buildSSLContext, buildSSLContext, clone, getContextProtocol, getContextProvider, getDefaultSecureRandomAlgorithm, getSecureRandom, getSecureRandomProvider, setSecureRandom
 
Methods inherited from class java.lang.Object
equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

KEYSTORE_FILE_PROP

public static final String KEYSTORE_FILE_PROP
See Also:
Constant Field Values

KEYSTORE_TYPE_PROP

public static final String KEYSTORE_TYPE_PROP
See Also:
Constant Field Values

KEYSTORE_PROVIDER_PROP

public static final String KEYSTORE_PROVIDER_PROP
See Also:
Constant Field Values

KEYSTORE_PASSWORD_PROP

public static final String KEYSTORE_PASSWORD_PROP
See Also:
Constant Field Values

KEYSTORE_PROVIDER_CLASS_PROP

public static final String KEYSTORE_PROVIDER_CLASS_PROP
See Also:
Constant Field Values

KEYSTORE_PROVIDER_ARGFILE_PROP

public static final String KEYSTORE_PROVIDER_ARGFILE_PROP
See Also:
Constant Field Values

KEYSTORE_PROVIDER_ARGTEXT_PROP

public static final String KEYSTORE_PROVIDER_ARGTEXT_PROP
See Also:
Constant Field Values

KEY_PASSWORD_PROP

public static final String KEY_PASSWORD_PROP
See Also:
Constant Field Values

TRUSTSTORE_FILE_PROP

public static final String TRUSTSTORE_FILE_PROP
See Also:
Constant Field Values

TRUSTSTORE_TYPE_PROP

public static final String TRUSTSTORE_TYPE_PROP
See Also:
Constant Field Values

TRUSTSTORE_PROVIDER_PROP

public static final String TRUSTSTORE_PROVIDER_PROP
See Also:
Constant Field Values

TRUSTSTORE_PASSWORD_PROP

public static final String TRUSTSTORE_PASSWORD_PROP
See Also:
Constant Field Values

TRUSTSTORE_PROVIDER_CLASS_PROP

public static final String TRUSTSTORE_PROVIDER_CLASS_PROP
See Also:
Constant Field Values

TRUSTSTORE_PROVIDER_ARGFILE_PROP

public static final String TRUSTSTORE_PROVIDER_ARGFILE_PROP
See Also:
Constant Field Values

TRUSTSTORE_PROVIDER_ARGTEXT_PROP

public static final String TRUSTSTORE_PROVIDER_ARGTEXT_PROP
See Also:
Constant Field Values

Constructor Detail

X509SSLContextFactory

public X509SSLContextFactory()
Builds an SSLContextFactory using the SunX509 algorithm in the TrustManagerFactory.


X509SSLContextFactory

public X509SSLContextFactory(KeyStore keyStore,
                             String keyPassword,
                             KeyStore trustStore)
Builds an SSLContextFactory using the SunX509 algorithm in the TrustManagerFactory.

Parameters:
keyStore - KeyStore that contains the key.
keyPassword - password to the key.
trustStore - KeyStore that contains the trusted X.509 certificates.

X509SSLContextFactory

public X509SSLContextFactory(KeyStore keyStore,
                             char[] keyPassword,
                             KeyStore trustStore)
Builds an SSLContextFactory using the SunX509 algorithm in the TrustManagerFactory.

Parameters:
keyStore - KeyStore that contains the key.
keyPassword - password to the key.
trustStore - KeyStore that contains the trusted X.509 certificates.

Method Detail

configure

public void configure(Properties properties)
               throws SSLContextFactory.SSLContextFactoryException
Configures this factory based on values in the properties. In addition to the properties described in DefaultSSLContextFactory.configure(Properties), the following properties are used:

Property name - Description
org.jsslutils.prop.keyStore - Path to the KeyStore file to use as the keystore; use "NONE" if it's not file-based.
org.jsslutils.prop.keyStoreType - Keystore type for the keystore.
org.jsslutils.prop.keyStoreProvider - Name of the security Provider to use to load the keystore.
org.jsslutils.prop.keyStorePassword - Password to load the keystore.
org.jsslutils.prop.keyStoreProviderClass - Name of the Provider class to use to load the keystore, typically used with a provider arg file or text; this takes precedence over loading via provider name.
org.jsslutils.prop.keyStoreProviderArgFile - Path to the file to use as an argument when instantiating the keystore Provider via its class name.
org.jsslutils.prop.keyStoreProviderArgText - Text content of the argument when instantiating the keystore Provider via its class name.
org.jsslutils.prop.keyPassword - Password to use the key itself from the keystore.
org.jsslutils.prop.trustStore - Path to the KeyStore file to use as the truststore; use "NONE" if it's not file-based.
org.jsslutils.prop.trustStoreType - Keystore type for the truststore.
org.jsslutils.prop.trustStoreProvider - Name of the security Provider to use to load the truststore.
org.jsslutils.prop.trustStorePassword - Password to load the truststore.
org.jsslutils.prop.trustStoreProviderClass - Name of the Provider class to use to load the truststore, typically used with a provider arg file or text; this takes precedence over loading via provider name.
org.jsslutils.prop.trustStoreProviderArgFile - Path to the file to use as an argument when instantiating the truststore Provider via its class name.
org.jsslutils.prop.trustStoreProviderArgText - Text content of the argument when instantiating the truststore Provider via its class name.

Specified by:
configure in interface SSLContextFactory
Overrides:
configure in class DefaultSSLContextFactory
Parameters:
properties - properties to use for the configuration.
Throws:
SSLContextFactory.SSLContextFactoryException
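
A usage sketch for configure(Properties), added here as an illustration and not taken from the jsslutils project: it sets the keystore and truststore properties listed above, takes the secrets from the environment instead of a properties file, and passes the key password through setKeyPassword(char[]). The file paths, store types and environment variable names are placeholders, and the no-argument buildSSLContext() is assumed to be one of the two inherited overloads.

```java
import java.util.Properties;
import javax.net.ssl.SSLContext;
import org.jsslutils.sslcontext.X509SSLContextFactory;

public class X509FactoryConfigExample {

    // Reads a secret from the environment so that it is not stored in a
    // properties file. The variable names passed in are hypothetical.
    static char[] secret(String envName) {
        String value = System.getenv(envName);
        if (value == null || value.isEmpty()) {
            throw new IllegalStateException("Missing environment variable " + envName);
        }
        return value.toCharArray();
    }

    static SSLContext build() throws Exception {
        Properties props = new Properties();
        // Property names come from the table above; the values are placeholders.
        props.setProperty("org.jsslutils.prop.keyStore", "/path/to/keystore.p12");
        props.setProperty("org.jsslutils.prop.keyStoreType", "PKCS12");
        props.setProperty("org.jsslutils.prop.keyStorePassword",
                new String(secret("KEYSTORE_PASSWORD")));
        // Set the truststore explicitly so the set of trusted certificates
        // is a deliberate choice of this deployment.
        props.setProperty("org.jsslutils.prop.trustStore", "/path/to/truststore.jks");
        props.setProperty("org.jsslutils.prop.trustStoreType", "JKS");
        props.setProperty("org.jsslutils.prop.trustStorePassword",
                new String(secret("TRUSTSTORE_PASSWORD")));

        X509SSLContextFactory factory = new X509SSLContextFactory();
        factory.configure(props); // throws SSLContextFactoryException on bad settings

        // The key password is given as char[] through the setter instead of
        // the org.jsslutils.prop.keyPassword property.
        factory.setKeyPassword(secret("KEY_PASSWORD"));

        // Assumption: buildSSLContext() without arguments exists among the
        // methods inherited from DefaultSSLContextFactory.
        return factory.buildSSLContext();
    }

    public static void main(String[] args) throws Exception {
        SSLContext context = build();
        System.out.println("SSLContext protocol: " + context.getProtocol());
    }
}
```

Because this factory does not support CRLs, a deployment that needs CRL support would configure PKIXSSLContextFactory instead.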

setKeyStore

public void setKeyStore(KeyStore keyStore)
Sets the key store.

Parameters:
keyStore - the key store.

setTrustStore

public void setTrustStore(KeyStore trustStore)
Sets the trust store.

Parameters:
trustStore - the trust store.

getKeyStore

protected KeyStore getKeyStore()
Returns the key store.

Returns:
the key store.

getTrustStore

protected KeyStore getTrustStore()
Returns the trust store.

Returns:
the trust store.

setKeyPassword

public void setKeyPassword(char[] keyPassword)
Sets the key password.

Parameters:
keyPassword - the key password.

setKeyPasswordCallbackHandler

public void setKeyPasswordCallbackHandler(CallbackHandler keyPasswordCallbackHandler)
Sets the CallbackHandler that will be used to obtain the key password if this password is still null. (Optional.)

Parameters:
keyPasswordCallbackHandler - CallbackHandler that will be used to get the password.

setKeyStorePasswordCallbackHandler

public void setKeyStorePasswordCallbackHandler(CallbackHandler keyStorePasswordCallbackHandler)
Sets the CallbackHandler that will be used to obtain the key store password if this password is still null. (Optional.)

Parameters:
keyStorePasswordCallbackHandler - CallbackHandler that will be used to get the password.

setTrustStorePasswordCallbackHandler

public void setTrustStorePasswordCallbackHandler(CallbackHandler trustStorePasswordCallbackHandler)
Sets the CallbackHandler that will be used to obtain the trust store password if this password is still null. (Optional.)

Parameters:
trustStorePasswordCallbackHandler - CallbackHandler that will be used to get the password.

getRawKeyManagers

protected KeyManager[] getRawKeyManagers()
                                  throws SSLContextFactory.SSLContextFactoryException
Builds KeyManagers from the key store provided in the constructor, using a SunX509 KeyManagerFactory.

Returns:
Key managers corresponding to the key store.
Throws:
SSLContextFactory.SSLContextFactoryException

setKeyManagerWrapper

public void setKeyManagerWrapper(X509KeyManagerWrapper keyManagerWrapper)
Sets the key manager wrapper.

Parameters:
keyManagerWrapper - the key manager wrapper.

getKeyManagers

public KeyManager[] getKeyManagers()
                            throws SSLContextFactory.SSLContextFactoryException
Gets the key managers. If a key manager wrapper has been set, the "raw" key managers will be wrapped.

Overrides:
getKeyManagers in class DefaultSSLContextFactory
Returns:
key managers.
Throws:
SSLContextFactory.SSLContextFactoryException

getRawTrustManagers

protected TrustManager[] getRawTrustManagers()
                                      throws SSLContextFactory.SSLContextFactoryException
Builds TrustManagers from the trust store provided in the constructor, using a SunX509 TrustManagerFactory.

Returns:
SunX509-based trust managers corresponding to the trust store.
Throws:
SSLContextFactory.SSLContextFactoryException

setTrustManagerWrapper

public void setTrustManagerWrapper(X509TrustManagerWrapper trustManagerWrapper)
Sets the trust manager wrapper.

Parameters:
trustManagerWrapper - the trust manager wrapper.

getTrustManagers

public TrustManager[] getTrustManagers()
                                throws SSLContextFactory.SSLContextFactoryException
Gets the trust managers. If a trust manager wrapper has been set, the "raw" trust managers will be wrapped.

Overrides:
getTrustManagers in class DefaultSSLContextFactory
Returns:
trust managers.
Throws:
SSLContextFactory.SSLContextFactoryException


Copyright © 2012. All Rights Reserved.